roller: handle sending malformed batches

2024-12-01 11:33:41 +03:00 · 2021-12-14 15:24:25 +01:00 · 2021-12-14 15:24:25 +01:00 · fc540bf209
commit fc540bf209
parent d1a04c7c54
2 changed files with 19 additions and 15 deletions
--- a/pkg/arvo/app/roller.hoon
+++ b/pkg/arvo/app/roller.hoon
@ -1082,8 +1082,8 @@
 ::
 ::    The cause of not sending the previous batch can happen because
 ::    of thread failure (see line 1251) or because the private key loaded onto
-::    the roller was used for outside of the roller (i.e. for other than signing
-::    L2 batches) right after the send-batch thread started.
+::    the roller was used for something other than signing L2 batches right
+::    after the send-batch thread started.
 ::
 ::    After reaching this state, any subsequents attempts have failed (L: 1251)
 ::    (prior to updating the sending nonce if we hit the on-out-of-sync case)
@ -1174,13 +1174,18 @@
 ++  send-roll
  |=  [=address:ethereum =nonce:naive]
  ^-  (list card)
+  ?~  endpoint
+    ~?  lverb  [dap.bowl %no-endpoint]
+    ~
  ::  if this nonce isn't in the sending queue anymore, it's done
  ::
  ?.  (has:ors:dice sending [address nonce])
    ~?  lverb  [dap.bowl %done-sending [address nonce]]
    ~
-  ?~  endpoint
-    ~?  lverb  [dap.bowl %no-endpoint]
+  ::  if there are no txs for this nonce, don't send it
+  ::
+  ?:  =(0 (lent txs:(got:ors:dice sending [address nonce])))
+    ~&  >>>  [dap.bowl %empty-nonce]
    ~
  ::  start the thread, passing in the l2 txs to use
  ::  TODO  should go ahead and set resend timer in case thread hangs, or nah?
--- a/pkg/arvo/ted/roller/send.hoon
+++ b/pkg/arvo/ted/roller/send.hoon
@ -13,6 +13,16 @@
 =/  =address:ethereum  (address-from-prv:key:ethereum pk)
 ;<  expected-nonce=@ud  bind:m
  (get-next-nonce:ethio endpoint address)
+=/  batch-data=octs
+  %+  cad:naive  3
+  %-  flop
+  %+  roll  txs
+  |=  [=raw-tx:naive out=(list octs)]
+  [raw.raw-tx 65^sig.raw-tx out]
+::  if the batch is malformed, emit error to kick it out of sending
+::
+?~  (parse-roll:naive q.batch-data)
+  (pure:m !>(%.n^[%not-sent %batch-parse-error]))
 ::  if chain expects a different nonce, don't send this transaction
 ::
 ?.  =(nonce expected-nonce)
@ -34,17 +44,6 @@
  ?:  =(0 next-gas-price)  fetch-gas-price
  (pure:(strand:strandio @ud) next-gas-price)
 ::
-=/  batch-data=octs
-  %+  cad:naive  3
-  %-  flop
-  %+  roll  txs
-  |=  [=raw-tx:naive out=(list octs)]
-  [raw.raw-tx 65^sig.raw-tx out]
-::  TODO: keep this to avoid sending bad batches or disregard?
-::
-?~  (parse-roll:naive q.batch-data)
-  (pure:m !>(%.n^[%not-sent %batch-parse-error]))
-::
 ::  each l2 signature is 65 bytes + XX bytes for the raw data
 ::  from the ethereum yellow paper:
 ::  gasLimit = G_transaction + G_txdatanonzero × dataByteLength